aitools: add --param flag for parameterized SQL queries#5336
Open
simonfaltum wants to merge 2 commits into
Open
aitools: add --param flag for parameterized SQL queries#5336simonfaltum wants to merge 2 commits into
simonfaltum wants to merge 2 commits into
Conversation
Wires the Statement Execution API's named parameter support into the experimental aitools query and statement submit commands. Use ":name" markers in SQL and bind values with "--param name=value" or "--param name:TYPE=value" (typed). Empty value is sent as NULL. Co-authored-by: Isaac
Contributor
Waiting for approvalBased on git history, these people are best suited to review:
Eligible reviewers: Suggestions based on git history. See OWNERS for ownership rules. |
simonfaltum
temporarily deployed
to
test-trigger-is
GitHub Actions
Inactive
simonfaltum
temporarily deployed
to
test-trigger-is
GitHub Actions
Inactive
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
The Databricks SQL Statement Execution API supports named parameters (
:namemarkers in SQL plus aparameterspayload), but the experimental aitoolsqueryandstatement submitcommands never set that field. Users who want to avoid SQL injection, sidestep shell-quoting issues with dates and strings, or run typed bindings (DATE,INT,DECIMAL(...), etc.) currently have to drop down to raw HTTP. This wires the field through.Changes
Before: no way to pass parameters. SQL had to inline every value as a literal, with all the quoting and injection risk that implies.
Now:
--paramis a repeatable flag onquery,statement submit, and the multi-query batch path. Format:--param name=value(default type, server-side STRING)--param name:TYPE=valuefor typed bindings, e.g.--param since:DATE=2026-01-01Empty value (
--param opt=) is sent as NULL viaomitempty. Duplicate names and missing=are rejected at flag-parse time. In batch mode the same parameter set is applied to every statement.Implementation:
parseParamshelper inexperimental/aitools/cmd/params.go, plus parser unit tests.[]sql.StatementParameterListItemthroughexecuteAndPoll,submitStatement,executeBatch, andrunOneBatchQuery.--paramflag registered on bothnewQueryCmdandnewStatementSubmitCmd.No
NEXT_CHANGELOG.mdentry: this is still underexperimental aitools tools.Test plan
./task checksclean (tidy, whitespace, links, deadcode)./task lint-qclean (0 issues)./task fmtclean (no changes)go test ./experimental/aitools/...passes=/:, decimal types with parens, empty value, whitespace trimming, error cases (no=, empty name, duplicates)ParametersreachesExecuteStatementforexecuteAndPoll,submitStatement, andexecuteBatchdatabricks experimental aitools tools query --param name=alice "SELECT :name")